BLOG

Moving Money & Combatting Compliance Tax : Supporting Community Banks and Credit Unions

April 9, 2010 | Andy

With the financial turmoil of recent years, the divide between too-big-to-fail and community banks and credit unions has emerged. This divide is an important one for the recovery of the economy. This is due to the role community financial institutions play in the US economy by providing the funding sources to our Main Street businesses. Taking up the rally cry has been the Huffington Post with the Move Your Money campaign. These efforts provide a valuable service to the industry by creating a central site for people to find local banks and credit unions and move away from the too-big-to-fail crowd proactively. This move not only provides safety to the depositors, but also brings vitality and growth to these institutions to carry on the business lending functions that are critical to our economy. It is only with the growth of assets that these community financial institutions can remain a viable part of our prosperous future. But there’s another thorn in the paw of the community financial industry that needs to be addressed.

The other side of the ledger for community banks and credit unions is on the cost side of the equation. Over the past decade, and especially in recent years, the complexity and costs of compliance have accelerated rapidly. From additional regulations to increased enforcement, compliance costs have grown far faster then the organizations they regulate. So while it is critical for assets growth to occur, if the cost of compliance is growing at a faster rate then it won’t leave the community banks and credit unions in a better position. Compliance costs can really be seen as a tax, meaning burden, on the industry. Due to the dramatic impact of scale, smaller institutions are hit at a much higher rate. This is because they lack the scale to have dedicated roles for each area area to get the benefits of specialization. The compliance tax is regressive.

In looking at the parts of the compliance tax it becomes clear that it is a “death of a thousand cuts”. With so many checks, controls, validations, audits, policies and procedures, it’s no wonder it’s growing harder to keep up. Much of the complexity has come on so slowly and incrementally that it’s reminiscent of the frog and the boiling water. If you put a frog into a pot of boiling water, it jumps out. If, however, you put it into cold water and slowly raise the temperature it will boil to death. It is to this point that a recent Gartner Group paper declared that smaller financial institutions would be priced out of the market in the next 5 years. The Callahan report shows the decline of efficiency ratios in credit unions from 78% to 92% from 2004 to 2008. With this information it’s not hard to see why the Gartner analysis is spot on if nothing changes. But this is not meant to be a sad story, rather one of great promise because we think things can change.

An alliance is forming to help the industry combat the Compliance Tax and in doing so help the industry remain the bedrock that it is. The center of this movement is at www.ComplianceTax.com and its primary fixture is the ComplianceTax calculator. This calculator is there to help banks and credit unions see that the water is, or is about to be, boiling. The calculator is free to use and the site links to Continuity Control’s free platform for bankers to ask, answer and share findings around how they are attacking the compliance tax. We as an industry can each pledge to take action against the Compliance Tax by making our compliance operations simpler, more consistent and more visible. To this end, the Compliance Tax Alliance is taking 3 critical steps,

ComplianceTax.com To provide a place to come together and focus our collective efforts.
Free Compliance forums on Continuity Control To provide a place for us to share and work together so that we need not reinvent the wheel 16,000 times for each of us.
Free policy repository on Continuity Control To provide free policies and procedures under open licensing so that community financial institutions may freely use, modify and share the work.

Through the two forces of growth enabled by the Move Your Money movement and cost reduction born by innovation from sharing, the community financial industry can retain it’s defining position in the US economy.

Remote Rage and the end of Compliance Productivity

February 22, 2010 | Andy

The cool new clock radio I got at Costco had not one, but two iPhone docks. This was very good because I no longer needed to play the relationship game of chicken that’s required when prioritizing whose phone gets juice overnight. It also came with another feature that I would have thought cool years ago, but today it infuriated me. What feature could possibly illicit anger in a clock radio? A remote control!

The first remote I ever saw and used was for my Grandmother’s Zenith TV in the early sixties. The TV was fashionably modern wrapped in white plastic on a pod base. It was wicked, and it had a clicker! While being the youngest by 3 years left me with very little time in command of this wonderful device, it was empowering. I wanted a different channel-bingo! More volume-presto! It was fantastic. It was a reason to go to Grandmas, as our own home would remain remote deprived for a number of years.

As the 70’s gave way to the 80’s we saw cable and VCR’s come into our homes. Video killed the radio star on MTV, and we had the ability to record our favorite shows and watch them until the tapes wore out. In the early days these units were, like the TV’s before them, remote-less, but that was to change. By the end of the 80’s no new units were produced without a remote, and we were on the cusp of the next big breakthrough.

Star Wars was the first film shown with Dolby Surround Sound in 1977. It took nearly 15 years for this to find its way into our homes, but by the early 90’s it was arriving in force. How does this history relate to my clock radio?

Over this period of time we experienced a remote explosion, followed by a features race. Suffice it to say, I view these as bad. To watch TV today requires 6 remote controls with well over 300 buttons. Most of these buttons have two or more alternate functions, leaving me with well over 1000 combinations. I use the word combination on purpose, because figuring out how to watch something often feels more like safe cracking than a simple choice. This has left me with what I call ‘remote rage’.

The primary source of this rage is the desire to do something simple, confounded by the technology that’s supposed to help. Those simple acts that I’d performed flawlessly in 1971, having never seen a remote before, were actions that had led to feelings of empowerment and awe. Today, for me to pick up a remote and attempt to change the channel or adjust the volume, activities that constitute a full 99.999% of all remote usage, I have a 1 in 6 chance of picking up the right remote.

Each of these remotes, whose buttons have likely been pushed inadvertently when throwing it into a basket or to a family member, typically has up to 5 devices that it could control. This math leaves me with a 3% probability of getting it right the first time, or 97% chance of not. Rolling the dice another time doesn’t dramatically improve my odds. Rather than empowerment and awe, I’m now left with feelings of ‘remote rage’.

The reason for sharing this, is that as computer software has exploded over the last decades we’re experiencing a very similar dynamic in which ‘additional applications’ are simply not the answer in the same way that additional remotes are not. The cognitive complexity is hindering the same challenges we’re spending money to solve. A recent Deloitte study shows that increased investments in compliance are not having corresponding returns in improved controls and risk reduction. I offer it up for consideration, are the issues of remote rage and the end of compliance productivity related? I for one think they are intimately related at a human level.

Photo credit: redjar

Four C’s of Banking Vendor Management

February 19, 2010 | Sonya

The minute you begin considering outsourcing any service, that’s when the lifestyle of vendor management begins. Certain aspects are critical for the stability of your financial institution’s vendor management program.

Consistency

Once your vendor management policy is in place, there must be consistency in the processes for monitoring and managing your vendors. When an examiner comes in and there are spans of dates that are missing in your reports, that alerts them that the process wasn’t in place. Regardless of how well those things were analyzed with lots of comments & feedback that went to the Board, the inconsistency will send up a red flag for the examiner.

Continuous

Vendor management is a lifestyle, the monitoring and management must happen on an ongoing basis, not just prior to contract and before your financial institution is examined.

Certify

Validation that the vendor is doing everything that they are supposed to in order to manage your risk. At the end of the day, regulators will inform you that you are responsible for making sure that the vendor is in compliance. So, regardless of the assurances that your vendor provides, you need to see verification that they are in compliance with current FFIEC regulations.

Contract review

This is one time when “Auto” isn’t good! It’s a conflict of interest for your vendors to remind you to review your contract prior to the auto-renewal date. If your contract renews automatically and there hasn’t been a review, your community bank or credit union will have lost leverage in price negotiation and may not like the terms that you are locked into for another term.

Vendor management can be an especially burdensome requirement for your financial institution, but with a process in place that schedules and monitors all of these procedures, you’re less likely to drop the ball on any one aspect. Of course, automating the Vendor Management program is the best way to relieve your financial institution’s Compliance Tax™.

Weblinking Policy

February 9, 2010 | Sonya

This week’s free banking policy is a Weblinking Policy.

Excerpt: “The policy establishes controls over the website’s weblinks to other sites not under our direct control. When financial institutions use weblinks to connect to third-party websites, the resulting association is called a “weblinking relationship.” Financial institutions with weblinking relationships are exposed to several risks associated with the use of this technology. The most significant risks are reputation risk and compliance risk. “

Every Tuesday, Continuity Engine releases a free banking policy for use by community banks and credit unions across America. These policies are made available through Creative Commons licensing so that banks and credit unions may freely remix and reuse the content to suit their individual financial institution’s needs. When we release a new policy, the previous week’s policy is archived on Control where it is always available for free to community members. In case you were wondering, membership in our community is always free for credit union folks and community bankers.

Please remember that this policy is only available for free to unregistered visitors to our website through February 16, 2010. If you are looking for a particular policy that you would like us to feature on a future Free Policy Tuesday, please let us know in the comments!

Photo credit: vjlenin

Bank Secrecy Act webinar presented by ATTUS Technologies

February 4, 2010 | Sonya

Just wanted to share that ATTUS Technologies is presenting a free webinar: Building an Effective BSA/AML Program: Assessing Your Institution’s Risk on February 18, 2010 from 3-4 ET. The webinar will cover understanding how to identify and assess its BSA/AML risks and to developing an effective program in accordance with the specific requirements set forth under the Bank Secrecy Act.

Last month we announced that ATTUS Technologies has joined Continuity Engine’s ActionPack Alliance to enhance the current Bank Secrecy Act ActionPack and to create new ActionPacks for the Gramm-Leach-Bliley Act, Office of Foreign Assets Control (OFAC), identity verification, Regulation CC and Regulation E.

Remote Deposit Capture : Compliance Challenges in the News

January 6, 2010 | Sonya

ABA Banking Journal recently ran an article written by Dan Fisher titled “RDC Compliance Remains Thin.” Dan discusses the FFIEC guidelines for Remote Deposit Capture that were released January 14, 2009. He notes that the guidance “is much more far reaching [than the industry expected] and carries with it a significant impact on the management of technology.”

Our last Control Tv episode featured Remote Deposit Capture and Susan Orr’s RDC ActionPack on our Control platform. RDC challenges brought up in Dan’s article and covered in the Susan Orr RDC ActionPack include:

Thorough due diligence, identifying associated risks in advance of implementing any new RDC technology or product.
Inadequate MIS reporting and lack of monitoring were among the greatest challenges in RDC exam findings with regard to the FFIEC guidance and compliance. “The translation is simple one: looking at a threshold-limit violation 30 days after the fact is not an effective risk management, monitoring, and mitigation program”, wrote Dan.
Identifying, assessing, managing, monitoring, and mitigating RDC risks up front. Dan reflected, “The theory of the guidance is to look ahead to see a potential problem rather than look back and realize you have one.”

As Andy Greenawalt says, “The controls needed aren’t that complex, but are too infrequently deployed.” At Continuity we’re here, with the ActionPack Alliance to help you take the headaches out of compliance.

Remote Computing Policy

December 22, 2009 | Sonya

This week’s free banking policy is a Remote Computing Policy.

Excerpt: “Remote computing policy and procedures manage security and maintenance of institution owned and managed portable equipment and all remote access to the private network. A portable device can be defined as a laptop or hand-held device. Here are some common portable devices governed by this policy: laptops, digital notebooks, personal data assistants (PDA), mobile phones and removable media such as flash drives, magnetic tapes, and CD-ROMs.”

Please remember that this policy is only available for free on our website through December 28, 2009. If you are looking for a particular policy that you would like us to feature on a future Free Policy Tuesday, please let us know in the comments!

Photo credit: cRaig Forrester

Remote Deposit Policy

December 15, 2009 | Sonya

This week’s free banking policy is a Remote Deposit Policy.

Excerpt: “Remote Deposit Capture (RDC) enables businesses (referred to within as “merchants”) to make deposits from their business locations instead of taking the deposits to the financial institution. Digital information captured at the business location is transmitted to the financial institution. RDC introduces new risks and increases existing risks in processing deposits originated by the institution’s commercial or retail customers, or by customers of other financial institutions.”

Please remember that this policy is only available for free on our website through December 21, 2009. If you are looking for a particular policy that you would like us to feature on a future Free Policy Tuesday, please let us know in the comments!

Photo credit: David Goehring

Hand-Held Device Policy

December 8, 2009 | Sonya

This week’s free banking policy is a Hand-Held Device Policy.

Excerpt: “The Hand-Held Device Policy describes the control procedures of institution owned cell phones and PDAs. Cell phones and Personal Digital Assistants (PDAs) have become indispensable tools for today’s highly hand-held workforce. Small and relatively inexpensive, these devices can be used not only for voice calls, but also for simple text messages and Personal Information Management. While these devices provide productivity benefits, they also pose new risks to the institution.”

Please remember that this policy is only available for free on our website through December 14, 2009. If you are looking for a particular policy that you would like us to feature on a future Free Policy Tuesday, please let us know in the comments!

Photo credit: @voltygon

Strategic Planning Policy

October 20, 2009 | Sonya

This week’s free banking policy is a Strategic Planning Policy. Excerpt: “This institution’s major initiatives are to be guided by a formal, written strategic plan based on its established mission and philosophy. A Strategic Planning Team will be assembled to carry-out the strategic planning process. All the procedures must enforced by the Chief Operations Officer (COO). The strategic plans are 1 to 3 years and must be updated once per year. This policy and the strategic plan must be approved by the Board of Directors each year.”

Please remember that this policy is only available for free on our website through October 27, 2009. If you are looking for a particular policy that you would like us to feature on a future Free Policy Tuesday, please let us know in the comments!

« Newer Posts — Older Posts »

Search Our Site

Search for:
Categories
- ActionPacks (1)
- Bankers (1)
- CE TV (1)
- community (3)
- community banks (2)
- Compliance Comics (3)
- Compliance in the News (1)
- Compliance Tax (1)
- Compliance Technology (3)
- credit unions (5)
- crowdsourcing (1)
- Free Banking Policies (1)
- Free Policy Friday (2)
- Free Policy Tuesday (9)
- Friday Fun (3)
- News & Press (34)
- Uncategorized (7)

Consistency

Continuous

Certify

Contract review

Search Our Site

Categories